CVE Vulnerability
CVE-2008-4383
Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie.
References
| Link | Resource |
|---|---|
| http://www.securitytracker.com/id?1020657 | Third Party Advisory VDB Entry |
| http://www.layereddefense.com/alcatel12aug.html | Broken Link |
| http://www1.alcatel-lucent.com/psirt/statements/2008002/OmniSwitch.htm | Vendor Advisory |
| http://secunia.com/advisories/31435 | Third Party Advisory |
| http://securityreason.com/securityalert/4347 | Third Party Advisory |
| http://www.vupen.com/english/advisories/2008/2346 | Third Party Advisory |
| http://www.securityfocus.com/bid/30652 | Third Party Advisory VDB Entry |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/44400 | Third Party Advisory VDB Entry |
| http://www.securityfocus.com/archive/1/495343/100/0/threaded | Third Party Advisory VDB Entry |
Configurations
Configuration 1
|
|
Information
Published : 2008-10-03 10:22
Updated : 2018-11-02 01:07
NVD link : CVE-2008-4383
Mitre link : CVE-2008-4383
Products Affected
No products.
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer